Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
- To: "MLUG Off-Topic Discussion" <EMAIL:PROTECTED>
- Subject: RE: [MLUG - DISCUSSION] windows packet sniffer
- From: "Spurling, Shannon" <EMAIL:PROTECTED>
- Date: Mon, 3 Mar 2008 08:35:26 -0600
- Delivery-date: Mon, 03 Mar 2008 08:35:37 -0600
- Envelope-to: EMAIL:PROTECTED
- In-reply-to: <EMAIL:PROTECTED>
- References: <EMAIL:PROTECTED><EMAIL:PROTECTED><EMAIL:PROTECTED> <EMAIL:PROTECTED>
- Reply-to: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
- Sender: EMAIL:PROTECTED
- Thread-index: Ach7TJwcwYVFU99MRjCyGCf6mLSPhAAAFcogAHsDvyA=
- Thread-topic: [MLUG - DISCUSSION] windows packet sniffer
Most "Man in the Middle" stuff involves some sort of route table
corruption, DNS spoofing, or some sort of social engineering (in order
of hardest to easiest).
Sniffing on a router is next to impossible because of how they are
normally designed. The IP packet would have to be "Copied" as if it were
a multicast packet. Switches do that without much thought. In fact, they
will (in most cases) do that natively when their processors can't handle
the amount of traffic going through them and start to melt down.
You really need a managed switch or hub, but chances are that your
provider doesn't want to be the man in the middle so access to those
components wouldn't be available for an attack. Most of those kinds of
attacks involve tricking the user to go to the wrong site, and proxy the
connection.
We have a tendency to think things are done in the most complex and
mystical way, but don't ascribe such a solution to something that could
be explained with stupidity, pride, and a simple shell script.
S-
-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED] On Behalf Of Nowlin, Dan
Sent: Friday, February 29, 2008 9:34 PM
To: MLUG Off-Topic Discussion
Subject: RE: [MLUG - DISCUSSION] windows packet sniffer
No I do not have access to the router. I know it can be done, otherwise
how do people do all of the "man in the middle" attacks?
Daniel Nowlin
TelCom DataCenter
> -----Original Message-----
> From: EMAIL:PROTECTED [mailto:discussion-
> EMAIL:PROTECTED] On Behalf Of Jerry Gamblin
> Sent: Friday, February 29, 2008 21:30
> To: MLUG Off-Topic Discussion
> Subject: Re: [MLUG - DISCUSSION] windows packet sniffer
>
> Do you have access to the router between the machine and the internet?
> I dont know of anything that can remotly monitro all the traffic from
a
> machine
> with out router/firewall access.
>
> On Fri, Feb 29, 2008 at 9:08 PM, Nowlin, Dan <EMAIL:PROTECTED>
> wrote:
> > I am looking for a packet sniffer that can sniff packets going to
and
> > from a remote machine. I need to know if the traffic from/to a
> machine.
> >
> > Daniel Nowlin
> > TelCom DataCenter
> >
> >
> > _______________________________________________
> > discussion mailing list
> > EMAIL:PROTECTED
> > http://mlug.missouri.edu/mailman/listinfo/discussion
> >
>
>
>
> --
> Thanks,
>
> Jerry Gamblin
>
> _______________________________________________
> discussion mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/discussion
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact